Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
Configuration Examples for Implementing IKE Security Protocol
SC-68
Cisco IOS XR System Security Configuration Guide
Configuration Examples for Implementing IKE Security Protocol
This section provides the following configuration examples:
• Creating IKE Policies: Example, page SC-69
• Configuring a service-ipsec Interface with a Dynamic Profile: Example, page SC-69
• Configuring Easy VPN with a Local AAA: Example, page SC-70
• Configuring VRF-Aware: Example, page SC-71
Step 8
set interface {service-ipsec | service-gre}
intf-index
Example:
RP/0/RP0/CPU0:router(config-isa-prof-match)# set
interface service-ipsec 50
or
RP/0/RP0/CPU0:router(config-isa-prof-match)# set
interface service-gre 1000
Predefines the virtual interface when IKE negotiates
for IPSec SAs and the local endpoint is the IKE
responder.
• Use the service-ipsec keyword to specify the
IPSec service interfaces.
• Use the service-gre keyword to specify the
GRE service interfaces.
• Use the intf-index argument to set the range
from 1 to 65535.
Step 9
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-isa-prof-match)# end
or
RP/0/RP0/CPU0:router(config-isa-prof-match)# commit
Saves configuration changes.
• When you issue the end command, the system
prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–
Entering yes saves configuration changes to
the running configuration file, exits the
configuration session, and returns the
router to EXEC mode.
–
Entering no exits the configuration session
and returns the router to EXEC mode
without committing the configuration
changes.
–
Entering cancel leaves the router in the
current configuration session without
exiting or committing the configuration
changes.
• Use the commit command to save the
configuration changes to the running
configuration file and remain within the
configuration session.
Command or Action Purpose
To Next Page
Loading...
Need help?
General
